VPN - excluding local IPs

Anatoli me at anatoli.ws
Thu Mar 21 07:07:49 CET 2019


Check the Table option here: 

wg-quick adds some routes and rules, you can see them with: ip rule show 
(check the line containing fwmark, it ends with the routing table 
number) and then check the routes in the corresponding table with: ip 
route show table xxx. Basically, if you omit the Table option, wg-quick 
will add the necessary routes to send all traffic via the tunnel when 
you specify AllowedIPs = You can add routes to your local 
networks/devices for connections to them to go outside the tunnel in the 
PostUp option in the wg-quick config.


*From:* Andreas Hatzl <andreas at hatzl.org>
*Sent:* Thursday, February 21, 2019 12:08
*To:* Wireguard Mailing List <wireguard at lists.zx2c4.com>
*Subject:* VPN - excluding local IPs


I have successfully set up a wireguard VPN between my notebook (Manjaro behind
NAT) and my virtual server (ubuntu 18.04). The only "issue" left is that I
can't connect to local devices on the client while using wireguard. Is there a
way to exclude an IP range from using wireguard?

my client config:
Address = 10.x.y.z/32
PrivateKey = xyz

PublicKey =xyz
Endpoint = xyz:51820
AllowedIPs =
PersistentKeepalive = 21

I am aware that the solution for this has most likely been posted a lot of
times but I can't find anything on the Wireguard page or Google.

It would be great if somebody could help me with this.



WireGuard mailing list
WireGuard at lists.zx2c4.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20190321/e2018dd9/attachment.html>

More information about the WireGuard mailing list